[Info-vax] SSH / SFTP troubles
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Thu Aug 2 08:54:52 EDT 2012
On 2012-08-02 11:06:54 +0000, GerMarsh said:
> Using OpenText Secure Shell with the usual password authentication to
> VMS V8.3 has no problems. However, attempting SSH connection from one
> VMS system to another using publickey only results in "no more
> authentication methods" on the client and "WARNING: got bad packet when
> verifying user me's publickey" on the remote side.
>
> Tried checking everything according to the HP "Guide to SSH" manual -
> which I found a bit confusing - including the file protection. I did
> get confused as to whether I need the SSH_ADD to add the key though.
That manual needs an overhaul or a rewrite, and the whole of the TCP/IP
Services UI needs an overhaul. Its content is entirely correct from
what I can tell of it, but it's the result of shifting what the
programmers should have done (within the ssh implementation,
certificate stores, and related tools) over onto what the system
manager and the end-user now have to deal with.
> I tried debugging on both sides - discovered the logical name on the
> server side by looking in the TCPIP$SSH_RUN.COM - but again no further
> info.
I'll presume the sshd server daemon is enabled and started, and that
the daemon has been configured.
>
> No clues either in VMS audit journal.
Don't bother looking there on the older TCP/IP Services ssh releases,
as ssh was not particularly integrated with OpenVMS. The only way to
see what's going on there is to enable debugging within the sshd server
daemon.
> Any tips on how to determine exactly what has gone wrong would be
> greatly appreciated. I was expecting to see some debug lines stating
> the public key file it was attempting to access etc.
Confirm that the public key file format is one that is supported by OpenVMS.
> This is running TCP/IP Services Version V5.6 - ECO 5 and I know there
> are some fixes in more recent patches but I would have thought I could
> get the thing to work using public key!
Given you're apparently on Microsoft Windows of some ilk, see if this
is something odd with your ssh client, or with your key set-up on the
OpenVMS server. Put another way, set up and try PuTTY. Set-up
details for Windows PuTTY are at <http://labs.hoffmanlabs.com/node/1760>
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list